b"SEC.gov |  Semiannual Report to Congress: October 1, 2001 to March 31, 2002\nSearch SEC Documents\nCompany Filings | More Search Options\nSkip to Main Content\nAbout\nWhat We Do\nCommissioners\nSecurities Laws\nSEC Docket\nReports\nCareers\nContact\nDivisions\nCorporation Finance\nEnforcement\nInvestment Management\nEconomic and Risk Analysis\nTrading and Markets\nNational Exam Program\nAll Divisions and Offices\nEnforcement\nLitigation Releases\nAdministrative Proceedings\nOpinions and Adjudicatory Orders\nAccounting and Auditing\nTrading Suspensions\nHow Investigations Work\nAdministrative Law Judges\nRegulation\nProposed Rules\nFinal Rules\nInterim Final Temporary Rules\nOther Orders and Notices\nSelf-Regulatory Organizations\nStaff Interpretations\nEducation\nInvestor.gov\nCheck Out a Broker or Adviser\nInvestor Alerts and Bulletins\nFast Answers\nFile a Tip or Complaint\nPublications\nFilings\nEDGAR Search Tools\nCompany Filings Search\nHow to Search EDGAR\nRequesting Public Documents\nDescriptions of Filing Types\nInformation for Filers\nAbout EDGAR\nNews\nPress Releases\nPublic Statements\nSpeeches\nTestimony\nSpotlight Topics\nWhat's New\nNews Digest\nEvents\nWebcasts\nSpecial Studies\nSemiannual Report to Congress: October 1, 2001 to March 31, 2002\nInspector General\nAbout OIG Office of Audits Office of Investigations Semiannual Reports Testimony Other Publications References Links Relevant FOIA Documents Contact Us\nThis document is an HTML formatted version of a printed document.\nThe printed document may contain agency comments, charts, photographs,\nappendices, footnotes and page numbers which may not be reproduced in this\nelectronic version.  If you require a printed version of this document\ncontact the United States Securities and Exchange Commission, Office of\nInspector General, Mail Stop 11-7, 450 Fifth Street N.W., Washington, D.C.\n20549 or call (202) 942-4460.\nSecurities and Exchange Commission\nOffice of Inspector General\nSemiannual Report to Congress\nOctober 1, 2001 to March 31, 2002\nExecutive Summary\nDuring this reporting period (October 1, 2001 to March 31, 2002) the Office of Inspector General (Office) issued eight audit reports and one audit memorandum. These evaluations focused on performance reports under the Government Performance and Results Act; data integrity in the Enforcement Program's Case Activity Tracking System; a follow-up audit on management controls over sensitive information; printing and publications; information technology project management; administrative controls in the Pacific Regional Office and the Fort Worth District Office; Commission oversight of its non-appropriated funding instrumentality (the Employee Recreation and Welfare Association); and rural office location policy.  The Audit Program section below describes this work further.\nSeven investigations were closed during the period.  Three subjects were referred to the Commission.  During the period, one subject was removed and another subject (referred in a prior period) resigned.  A third subject agreed to alternative discipline (3 days LWOP) and a subject (referred in a prior period) was counseled.  Two subjects, referred to Commission management during this and a prior period, are awaiting disposition. The Investigative Program section below describes the significant cases further.\nNo new significant problems are being reported, and we are closing three previously reported significant problems, based on strengthened management controls.\nIn a prior period, we reported controls over disgorgement1 waivers as a significant problem, based on our audit.  The Division of Enforcement has taken actions to improve the waiver process.  It has issued written procedures on waivers and is using an external database to check information in waiver requests.  It also hired a contractor to identify further improvements in its waiver procedures.  We no longer believe disgorgement waivers to be a significant problem.\nWe also previously reported the safeguarding of sensitive information as a significant problem.  Since then, management has established a task force to implement corrective actions, issued an agency-wide policy, and hired a consultant to assist in a comprehensive review of the matter.  The Commission has implemented the consultant's most significant recommendations.  Our follow-up audit (reported this period) found that safeguarding sensitive information is no longer a significant problem.\nAnother previously reported significant problem involved lack of adequate controls over the collection of fees.  Since first reported, statutory changes have eliminated many of the fees most at risk.  Moreover, Commission management has made significant progress in correcting the most serious weaknesses.  A new automated filing fee system was implemented during the prior period.  Our audit of filing fees (ongoing) found that controls over fee collections are now generally adequate.\nManagement of information resources was also previously reported as a significant problem.  During this period, the Commission has continued to make improvements in its management of information resources, as described below.  Our Office is implementing a series of audits and advisory services focusing on information technology.  We intend to maintain our oversight of the Commission's management of information resources.\nNo management decisions were revised during the period.  The Office of Inspector General agrees with all significant management decisions regarding audit recommendations.\nAudit Program\nThe Office issued eight audit reports and one audit memoranda during the reporting period.  These documents contained a total of 44 recommendations, which are further summarized below.  Management generally concurred with the recommendations.\nGPRA PERFORMANCE REPORTS (AUDIT NO. 329)\nThe Government Performance and Results Act of 1993 (GPRA) requires government agencies to submit annual performance reports to the Congress concerning progress toward goals and objectives included in the agencies' performance plans.  The reports compare actual performance to planned goals, explain unmet goals and assess the impact of current performance on future performance levels.\nOur audit sought to determine whether the Commission prepared its FY 1999 performance report in accordance with GPRA requirements and maintained adequate supporting information for selected performance measures.  During the audit, we interviewed staff, reviewed supporting documentation, and performed tests of selected records.\nWe found that the Commission's performance reports generally complied with the GPRA.  However, we recommended actions for nine of eleven performance measures reviewed to ensure that reported measures materially agreed with the supporting records.  We noted similar discrepancies in a previous audit (Audit 283, issued March 16, 1999).  We also recommended that the Office of Financial Management  improve the link between GPRA objectives, strategies, goals and measures.\nCATS 2000 DATA (AUDIT NO. 331)\nThe Case Activity Tracking System (CATS) is used by the Enforcement Program to record enforcement data and to create management reports.  The system tracks investigations, matters under inquiry (MUIs), and other enforcement-related data.  A new version of CATS was implemented in June 1999, primarily because the prior system was not year 2000 compliant.\nWe reviewed the reliability (i.e., the timeliness, accuracy, and completeness) of selected CATS data.  The audit scope included investigations, MUIs, administrative proceedings (APs), and civil actions.  We interviewed Commission staff and performed tests of data reliability, including a review of supporting documentation for several judgmental samples of cases.\nWe found that the timeliness, accuracy and completeness of data in CATS need improvement.  Our recommendations include issuing guidance to staff, periodically reviewing system data, and correcting data errors.\nDuring the audit, the Enforcement Program (Program) established a Steering Committee to improve CATS data reliability.  Also, the Program, the Office of Information Technology (OIT), and the Office of the Secretary (OS) are considering updating CATS with certain data from OS's computer systems, through an automated interface.\nSENSITIVE INFORMATION FOLLOW-UP (AUDIT NO. 333)\nWe conducted a follow-up audit of the security of sensitive information.  A previous audit (Audit 277, issued May 3, 1999) on sensitive information found that management controls over this information could be improved.  In response, Commission management established a task force to implement corrective actions, issued agency-wide policies and procedures (SECR 23-2, Safeguarding Non-Public Information), and hired a contractor to review overall Commission security.  The contractor's recommendations related to protecting information are being implemented, as appropriate.\nOur audit objectives were to determine whether the management controls over sensitive information with respect to Commission staff and contractors were adequate, and to assess compliance with the controls. Our assessment of compliance focused on market sensitive information (e.g., possible mergers), since this information has a high risk of misuse.  During the audit, we interviewed and observed Commission staff, conducted research on best practices used by others (e.g., law and brokerage firms) to protect sensitive information, and reviewed available documentation, among other procedures.\nOur audit determined that the Commission's controls over sensitive information are now generally adequate.  In addition, the Commission is implementing additional security measures in response to the terrorist attacks of September 11, 2001.\nWe recommended further enhancements to the controls over sensitive information, including more door locks and shredders, additional staff training, periodic compliance reviews, and enhanced protection of information stored on computers and paper.\nPRINTING AND PUBLICATIONS (AUDIT NO. 335)\nThe Office of Administrative and Personnel Management (OAPM) is primarily responsible for Commission printing and publications.  Commission regulation SECR1-2 describes internal printing and publication procedures.\nOur audit of printing and publications sought to determine whether procedures were efficient and effective, and complied with applicable guidance.  During the audit, we reviewed relevant documentation, identified and tested management controls, interviewed staff from the Commission and the Government Printing Office, and observed activities in the Publishing Branch, among other procedures.\nWe found that printing and publications were generally efficient, effective and in compliance with applicable guidance.  Our recommended enhancements include: distributing an electronic version of the SEC Docket (estimated annual savings of approximately $150,000); modifying publication procedures for forms; enhancing supervisory controls over the Publications Section; and enhancing tracking of the Publishing Branch's workload, and increasing its storage capacity.\nINFORMATION TECHONOLOGY PROJECT MGM'T (AUDIT NO. 337)\nWe reviewed the project management practices of the Office of Information Technology (OIT).  The review sought to determine whether OIT's management of information technology projects was adequate, and in compliance with applicable laws and regulations.  Among other procedures, we reviewed project management guidance; interviewed OIT staff; and evaluated documentation from a sample of eight projects.\nWe found that OIT project management practices were generally adequate, and in compliance with most aspects of recently enacted laws and regulations.\nWe recommended several improvements, including: testing the operational effectiveness of approved project management policies and procedures before mandating their use; establishing a project management regulation for certain projects; establishing tracking and oversight controls for monitoring contractor performance; and implementing a performance-based acquisition analysis process.\nPACIFIC REGIONAL OFFICE (AUDIT NO. 342)\nThe Pacific Regional Office (PRO), with approximately 135 full-time staff, carries out the Commission's programs, subject to Commission oversight, in Alaska, Arizona, California, Guam, Hawaii, Idaho, Montana, Nevada, Oregon and in the state of Washington.  The PRO's administrative officer and staff perform a broad range of financial and administrative functions, including purchasing, travel, time and attendance, and budgeting.\nWe conducted a limited audit of selected financial and administrative controls in the PRO.  The purpose of the audit was to provide the Commission with negative assurance2 that the internal controls were adequate, being implemented economically and efficiently, and in compliance with Commission policies and procedures.  Audit procedures included interviewing PRO staff, reviewing supporting documentation, and conducting limited tests of transactions in fiscal year 2001.\nWe made recommendations to enhance PRO's property management.  We also informally discussed a number of non-material findings and recommendations with PRO management, during the audit.  Otherwise, no material weaknesses in the office's financial and administrative controls came to our attention.\nFORT WORTH DISTRICT OFFICE (AUDIT NO. 345)\nThe Fort Worth District Office (FWDO) assists the Central Regional Office in Denver, CO, in carrying out the Commission's programs, subject to Commission oversight, in Arkansas, Colorado, Kansas, Nebraska, New Mexico, North Dakota, Oklahoma, South Dakota, Texas, Utah and Wyoming.  The FWDO exercises a broad range of financial and administrative functions, including: time and attendance; purchasing; travel arrangements; property management; and budgeting.\nWe conducted a limited audit of selected financial and administrative controls in the FWDO.  The purpose of the audit was to provide the Commission with negative assurance3 that the internal controls were adequate, being implemented economically and efficiently, and in compliance with Commission policies and procedures.  Audit procedures included interviewing FWDO staff, reviewing supporting documentation, and conducting limited tests of transactions.\nWe recommended measures to enhance office security (e.g., by periodically changing door pass codes and reminding its staff to safeguard non-public information in common areas).  We also informally discussed a number of non-material findings and recommendations with FWDO management.  Otherwise, no material weaknesses in the office's financial and administrative controls came to our attention.\nCOMMISSION OVERSIGHT OF NAFI (AUDIT NO. 346)\nEmployees in numerous agencies have established non-appropriated funding instrumentalities (NAFI) to promote employee welfare and morale.  As their name implies, these organizations typically do not receive appropriated funds, but instead are dependent on member dues and revenues from their activities.\nEstablished in 1964, the Commission's NAFI, the Recreation and Welfare Association (RWA), promotes employee welfare through several activities, including employee parking, sale of Commission memorabilia, social events (e.g., ice cream socials), and short-term loans to employees.  These activities have been generally limited to headquarters staff.\nThe objective of our review was to determine if Commission oversight of its NAFI was adequate, and related management controls were appropriate and operating as intended.  During the audit, we reviewed available documentation, interviewed Commission and RWA staff, and obtained information on NAFI oversight at several federal agencies, among other procedures.\nWe found that Commission oversight and management controls for its NAFI needed to be improved.  Among other steps, we recommended that the Office of Administrative and Personnel Management issue guidance describing its oversight responsibilities; develop and execute a memorandum of understanding or other agreement with the RWA; require RWA to enhance its financial controls; and discuss with RWA ways to enhance its management structure and effectiveness.\nRURAL OFFICE LOCATION POLICY (AUDIT MEMORANDUM 22)\nIn Section 601 of the Rural Development Act (RDA) of 1972 (7 U.S.C. sec. 2204b-1), Congress required agencies to establish and maintain policies and procedures giving first priority to the location of new offices and other facilities in rural areas.\nSection 647 of the Treasury and General Government Appropriations Act (Public Law 107-67, enacted November 12, 2001) required the Office of Inspector General in each agency to prepare a report to the Congress describing the agency's compliance with this requirement.\nBased on our discussions with Commission staff, we found that the Commission has not implemented the RDA requirement.4   Accordingly, we recommended that the Office of Administrative and Personnel Management develop policies and procedures to comply with the applicable provisions of Section 601 of the RDA.\nInvestigative Program\nSeven investigations were closed during the period.  Three subjects were referred to the Commission.\nDuring the period, one subject was removed and another subject (referred in a prior period) resigned.  A third subject agreed to alternative discipline (3 days LWOP) and a subject (referred in a prior period) was counseled.  Two subjects, referred to Commission management during this and a prior period, are awaiting disposition.  The most significant cases closed during the period are described below.\nMISUSE OF COMPUTER RESOURCES\nAn Office investigation disclosed evidence that a Commission staff attorney had used a government computer to visit sexually explicit websites on the Internet.  The staff member took three days of leave without pay pursuant to an alternative discipline agreement.\nAnother investigation developed evidence that a Commission employee had used a government computer to send and receive sexually explicit and suggestive e-mail, and visit similarly inappropriate Internet websites.  We obtained evidence that the employee had engaged in these activities after receiving several warnings.  Administrative action is pending.\nAn investigation completed in a prior period found evidence that a Commission manager had used a government computer to visit sexually explicit websites on the Internet.  The subject resigned after removal was proposed during this period.  We also referred the matter to the Department of Justice, where it is pending.\nFORGERY, FALSE STATEMENTS AND WELFARE FRAUD\nThe Office's investigation found evidence that a Commission employee had forged insurance checks that the employee knew were stolen from the lobby of the building in which the employee worked.  We also found evidence that the employee made false statements to the Commission, made fraudulent claims, and misused Commission resources for personal purposes.  The Department of Justice declined prosecution and the employee was removed.\nRACISM AND INTIMIDATION\nThe Office investigated an allegation that Commission managers had engaged in racist and intimidating behavior towards a member of the public who had filed a registration statement for an initial public offering with the Commission.  The evidence obtained during our investigation failed to substantiate the allegation.\nSignificant Problems\nNo new significant problems were identified, based on the work completed during the period.\nSignificant Problems Identified Previously\nDISGORGEMENTS\nIn a prior reporting period, we completed an audit of disgorgements in enforcement cases.  We found that improvements could be made to the disgorgement waiver process to achieve greater assurance that waivers were justified.\nThe Division of Enforcement concurred and has taken actions to improve the waiver process. It issued updated written procedures relating to waivers, hired a contractor to identify further improvements, and is using an external database to verify information submitted in waiver requests, as well as to identify omitted information.\nBased on our continuing work in the Enforcement Program, we believe that the changes made have sufficiently addressed the problems we originally reported, and that controls over disgorgement waivers are no longer a significant problem.\nSENSITIVE INFORMATION\nIn a previous period, we reported the safeguarding of sensitive information as a significant problem.  Since then, management established a task force to implement corrective actions, issued agency-wide policy, and hired a security consultant to assist in a more comprehensive review of overall security.  The Commission has implemented the consultant's most significant recommendations.\nOur follow-up audit on controls over sensitive information (reported this period) found that safeguarding of sensitive information is no longer a significant problem.\nCOLLECTION OF FILING FEES\nSince 1996 we have identified the Commission's collection of filing fees as a significant problem.  Since then, statutory changes have eliminated many of the fees most at risk.  Moreover, Commission management has made significant progress in correcting the most serious weaknesses.  A new fee system, designed to have adequate financial controls, was implemented in the prior period.\nOur audit of filing fees (ongoing) found that controls over fee collections are now generally adequate.  We no longer believe that the collection of filing fees is a significant problem.\nINFORMATION RESOURCES MANAGEMENT\nWe previously identified information resources management as a significant problem based on prior audits, investigative work, and management studies that identified significant weaknesses in many aspects of the Commission's management of information resources.\nOver the past six months, the Office of Information Technology (OIT) continued making significant improvements in many aspects of the Commission's management of information resources.  During this period, OIT requested closure of 15 of 66 open audit recommendations.  In addition, OIT established additional IRM oversight and control processes, by:\nAssigning specific responsibility and completion target dates to appropriate OIT staff to implement open audit recommendations within their areas of technical expertise,\nMonitoring the status of all open audit recommendations monthly,\nEstablishing and approving a formal policy for preparing and approving Securities and Exchange Commission Regulations (SECRs) and supporting Technical Bulletins covering information technology (IT) matters,\nDrafting new IRM policies and procedures and moving previously drafted IRM policies and procedures through the formal approval process,\nPerforming internal compliance reviews of IT operations,\nRequesting timely input from the Office of Inspector General (OIG) on various IRM and IT issues,\nReviewing audit reports addressed to SEC program offices outside of OIT to proactively identify, address, and resolve potential IRM and IT issues, and\nWorking proactively with the OIG to clarify specific actions needed to eliminate IRM as a significant problem over the next twelve months.\nOIT's accomplishments during this reporting period are noteworthy, and demonstrate a strong commitment to implement and maintain an effective IRM program within the Commission.\nDuring this period, we completed an audit of IT project management.   Reviews of the security over the Commission's public web site, administration of IT contracts and regional telecommunications security are ongoing.  In the recent past, we have completed a Control Self Assessment of OIT, a Business Process Review of IT Capital Decision-Making, and several IT audits.  In future periods, we intend to maintain our oversight of the Commission's management of information resources.\nAccess to Information\nThe Office of Inspector General has received access to all information required to carry out its activities.  No reports to the Chairman, concerning refusal of such information, were made during the period.\nOther Matters\nEXECUTIVE COUNCIL ON INTEGRITY AND EFFICIENCY\nThe Office actively participates in the activities of the Executive Council on Integrity and Efficiency (ECIE).  The Inspector General attends ECIE meetings, is an active member of its Financial Institutions Regulatory Committee, and serves as the ECIE member on the Integrity Committee (established by Executive Order No. 12993).\nThe Counsel to the Inspector General is an active member of the PCIE Council of Counsels.  The Council considers legal issues relevant to the Inspector General community.\nQuestioned Costs\nDOLLAR VALUE(IN THOUSANDS)\nNUMBER\nUNSUPPORTEDCOSTS\nQUESTIONEDCOSTS\nA\nFor which no management decision has been made by the commencement of the reporting period\n0\n0\n0\nB\nWhich were issued during the reporting period\n0\n0\n0\nSubtotals (A+B)\n0\n0\n0\nC\nFor which a management decision was made during the reporting period\n0\n0\n0\n(i)\nDollar value of disallowed costs\n0\n0\n0\n(ii)\nDollar value of costs not disallowed\n0\n0\n0\nD\nFor which no management decision has been made by the end of the period\n0\n0\n0\nReports for which no management decision was made within six months of issuance\n0\n0\n0\nRecommendations That Funds Be Put To Better Use\nNUMBER\nDOLLAR VALUE(IN THOUSANDS)\nA\nFor which no management decision has been made by the commencement of the reporting period\n0\n0\nB\nWhich were issued during the reporting period\n1\n150\nSubtotals (A+B)\n1\n150\nC\nFor which a management decision was made during the period\n1\n150\n(i)\nDollar value of recommendations that were agreed to by management\n1\n150\n-\nBased on proposed management action\n1\n150\n-\nBased on proposed legislative action\n0\n0\n(ii)\nDollar value of recommendations that were not agreed to by management\n0\n0\nD\nFor which no management decision has been made by the end of the reporting period\n0\n0\nReports for which no management decision was made within six months of issuance\n0\n0\nReports with No Management Decisions\nManagement decisions have been made on all audit reports issued before the beginning of this reporting period (October 1, 2001).\nRevised Management Decisions\nNo management decisions were revised during the period.\nAgreement with Significant Management Decisions\nThe Office of Inspector General agrees with all significant management decisions regarding audit recommendations.\n1    Disgorgements represent ill-gotten gains (or losses avoided) resulting from individuals violating the federal securities laws.  The Commission seeks disgorgement to ensure that securities law violators do not profit from their illegal activity.  When appropriate, the disgorged funds are returned to injured investors.\n2  Negative assurance means that no material internal control weaknesses came to our attention during our            limited audit.\n3     Negative assurance means that no material internal control weaknesses came to our attention during our limited audit.\n4     In a July 2001 report (GAO-01-805), the General Accounting Office found that only 5 of the 13 cabinet departments it contacted had a policy to implement RDA.\nMANAGEMENT RESPONSE OF THE SECURITIES AND EXCHANGE COMMISSION ACCOMPANYING THE SEMIANNUAL REPORT OF THE INSPECTOR GENERAL FOR THE PERIOD OCTOBER 1, 2001 THROUGH MARCH 31, 2002\nIntroduction\nThe Semiannual Report of the Inspector General (IG) of the Securities and Exchange Commission (SEC) was submitted to the Chairman on April 30, 2002 as required by the Inspector General Act of 1978, as amended.  The report has been reviewed by the Chief of Staff, General Counsel, Executive Director, and Director of the Division of Enforcement.  The management response is based on their views and consultation with the Chairman.\nThe management response is divided into four sections to reflect the specific requirements listed in Section 5(b) of the Inspector General Act of 1978, as amended.\nSection I\nComments Keyed to Significant Sections of the IG Report\nA. Audit Program\nDuring the reporting period, the IG issued eight audit reports and one audit memorandum.  Management generally concurred with the findings and recommendations in the IG's reports.\nIn addition to audits performed by the agency's IG, the General Accounting Office (GAO) actively reviewed program and administrative functions of the SEC.  A complete listing of all GAO audit activity involving the SEC is attached as Appendix A.\nB. Response to Significant Problems\nNo new problems were reported.\nC. Response to Significant Problems Previously Identified\nIn prior Semiannual Reports, the IG identified the disgorgement waiver process, collection of filing fees, safeguarding sensitive information, and information resources management as significant problem areas.  During this reporting period, the IG confirmed management's assertion that the disgorgement waiver process, collection of filing fees, and safeguarding sensitive information are no longer significant problem areas.\nThe IG's Semiannual Report continues to identify information resources management as a significant problem.  SEC management is working aggressively to make improvements in this area (see the IG's Semiannual Report for a description of actions taken during this period).\nD. IG Recommendations Concerning Use of Funds\nOn February 4, 2002, the IG issued a report concerning printing and publications.  The report cited approximately $150,000 that could be saved annually, if the SEC Docket were distributed to the staff electronically.  SEC management is implementing this recommendation.\nE. Reports with No Management Decisions\nManagement decisions have been made on all audits issued prior to the beginning of the reporting period (October 1, 2001).\nF. Revised Management Decisions\nNo management decisions were revised during the reporting period.\nSECTION II\nDisallowed Costs\nAs of March 31, 2002\nNumber\nDollar Value\n(in thousands)\nA.\t\tFor which final action has\nnot been taken by the\ncommencement of the\nreporting period\n0\n$0\nB.\tOn which management decisions\nwere made during the reporting\nperiod\n0\n$0\n(Subtotal A+B)\n0\n$0\nC.\tFor which final action was\ntaken during the reporting\nperiod\n0\n$0\n(i)\tRecovered by management\n0\n$0\n(ii)\tDisallowed by management\n0\n$0\nD.\tFor which no final action has\nbeen taken by the end of the\nreporting period\n0\n$0\nSECTION III\nFunds Put to Better Use\nAs of March 31, 2002\nNumber\nDollar Value\n(in thousands)\nA.\tFor which final action has\nnot been taken by the\ncommencement of the\nreporting period\n0\n$0\nB.\tOn which management decisions\nwere made during the reporting\nperiod\n1\n$150,000\nC.\tFor which final action was\ntaken during the reporting\nperiod\n1\n$150,000\n(i)\tDollar value of recom-\nmendations that were\nagreed to by management\n1\n$150,000\n(ii)\tDollar value of recom-\nmendations that management\nhas subsequently concluded\nshould/could not be\nimplemented or completed\n0\n$0\nD.\tFor which no final action has been\ntaken by the end of the reporting period\n0\n$0\nSECTION IV\nOpen Audit Reports Over One Year Old\nAs of March 31, 2002\nAudit #\nAudit Title\nIssued\nFunds Put toBetter Use(in thousands)\nQuestioned Costs(in thousands)\nReason Final Action Not Taken\n130\nManagement of the Data Center\n11/18/89\n$0\n$0\nA number of policies and procedures\nare being documented and adopted.\nHowever, the process has been slowed\nby a shortage of agency staff.\n143\nInformation Resources Management\n3/27/91\n$0\n$0\nSame as above.\n159\nAudit of Local AreaNetworks\n2/16/93\n$0\n$0\nThe remaining pending recom-\nmendation concerns the imple-\nmentation of prior audit and contractor\nrecommendations.  Each of the prior\nrecommendations is being addressed\nunder its original report.\n220\nIRM Planning andExecution\n3/26/96\n$0\n$0\nSee explanation for audit #130.\n238\nInternational TelephoneService\n8/27/96\n$0\n$0\nThe one remaining pending recom-\nmendation focuses on the review of\ntelephone records.  SEC management\nis continuing consultations with\nagency's General Counsel's Office.\nThe recommendation is expected to be\nsatisfied by the end of June 2002.\n243\nSECOA Local Area Network\n3/21/97\n$0\n$0\nSee explanation for audit #130.\n250\nEnhancing Excellence--\nIntegrity Program\n1/22/97\n$0\n$0\nA substantial number of the\nrecommendations have been\nimplemented.  Several policy\ndocuments are on hold until union\ncontract issues are resolved.\n253\nAdministrative Proceedings\n11/7/97\n$0\n$0\nAn adjudicatory conference will be\nheld once there is an experience\nfactor to measure the overall results\nof the NASD's revised disciplinary\nprocedures.\n257\nClient Server\n9/9/97\n$0\n$0\nSee explanation for audit #130.\n260\nValue Engineering Program\n5/2/97\n$0\n$0\nValue engineering plans are being developed for the next fiscal year.\n269\nDatabase Administration\n1/5/98\n$0\n$0\nSee explanation for audit #130.\n271\nProperty System\n9/25/98\n$0\n$0\nA new infrastructure unit has been\ncreated.  The unit's roles and responsi-\nbilities with respect to deployment of\nnew technology assets, managing\nphysical moves of computer equipment\nand maintaining an inventory of tech-\nnology assets are being defined.\n272\nCommission Review\nof SRO Rules\n7/14/98\n$0\n$0\nThe SEC's IT Capital Planning\nCommittee consolidated several requests\nfor optical disk systems into an agency-\nwide package.  Efforts are underway to\nidentify a solution that meets several\nneeds.\n273\nReview of Investment\nCompany Filings\n6/26/98\n$0\n$0\nA contractor completed a require-\nments analysis.  The operating division\nis awaiting the final definition of the\nrequirements before requesting modifi-\ncation of the EDGAR system.\n274\nYear 2000-Internal\nSystems (OIT)\nSee explanation for audit #159.\n275\nYear 2000-EDGAR\n12/21/99\n$0\n$0\nSee explanation for audit #159.\n282\nYear 2000-Internal\nSystems (Non-OIT)\n12/21/99\n$0\n$0\nSee explanation for audit #159.\n293\nY2K Status Report--\nJanuary 1999\n1/25/99\n$0\n$0\nSee explanation for audit #250.\n296\nUNIX Security\n9/14/99\n$0\n$0\nSee explanation for audit #130.\n298\nCommission Review of\nPeriodic Reports\n2/23/2000\n$0\n$0\nManagement is attempting to identify\nreview goals that include areas such as\nquality and complexity of reviews in\naddition to number of reviews.\n299\nData Backup Procedures\n3/31/2000\n$0\n$0\nSee explanation for audit #130.\n308\nEDGAR Hardship\nExemptions\n3/30/2000\n$0\n$0\nThe recommendations are being\nconsidered in connection with the next\nEDGAR modernization rulemaking\ninitiative.\n309\nTelecommunication\nVulnerabilities\n3/31/2000\n$0\n$0\nThe issue of establishing an audit system\nfor SEC telephone activity is under\nreview by the agency's Office of\nGeneral Counsel.  Corrective actions are\nexpected to be completed in June 2002.\n327\nYear 2000 Audits-\nSummary Closing\n12/21/99\n$0\n$0\nSee explanation for audit #130.\n313\nIntegrity Programs\n2/23/2001\n$0\n$0\nGuidance is expected to be issued during\nthe next six months.\n314\nPayroll Conversion\n9/22/2000\n$0\n$0\nSee explanation for audit #250.\n318\nFOIA Process\n3/23/2001\n$0\n$0\nA new e-FOIA processing system\nis being developed.\n323\nClearance Process\n9/29/2000\n$0\n$0\nA substantial number of the recom-\nmendations have been implemented.\nGuidance to supplement the clearance\nregulation will be issued during the next\nthree months.\n327\nGeneral Computer\nControls-Regions\n2/28/2001\n$0\n$0\nSee explanation for audit #130.\nM11\nPart-time Employment\nProgram\n10/21/98\n$0\n$0\nSee explanation for audit #250.\nM12\nControl of Computer Equipment\n12/29/98\n$0\n$0\nSee explanation for #271.\nM14\nContingency Testing\n3/15/99\n$0\n$0\nSee explanation for audit #130.\nG314\nVoluntary Contributions\n8/8/2000\n$0\n$0\nGuidance is expected to be\nissued during the next\nsix months.\nG317\nUse of Personal Resources\n12/14/2000\n$0\n$0\nSee explanation for audit #130.\nAPPENDIX A\nGeneral Accounting Office Audit Activity\nInvolving the Securities and Exchange Commission\nReports Issued During the Reporting Period\n1. Securities and Exchange Commission:  Human Capital Challenges Require Management Attention (GAO-01-947, Sept. 2001)\n2. Anti-Money Laundering:  Efforts in the Securities Industry (GAO-02-111, Oct. 2001)\n3. Securities Regulation:  Improvements Needed in the Amex Listing Program (GAO-02-18, Nov. 2001)\n4. Securities Operations:  Update on Actions Taken to Address Day Trading Concerns (GAO-02-20, Nov. 2001)\n5. Regulatory Reform:  Compliance Guide Requirement Has Had Little Effect on Agency Practices (GAO-02-172, Dec. 2001)\n6. SEC Operations:  Increased Workload Creates Challenges (GAO-02-302, Mar. 2002)\nAudits in Progress as of March 31, 2002\n1. SRO Structure.  A study of the effect of changes in the securities and futures markets on the self-regulatory structure.\n2. Exchange Outages.  A review of four separate market outages that occurred in June 2001 at the New York Stock Exchange, Nasdaq Stock Market, and International Securities Exchange.\n3. Financial Statement Audit Requirements.  A review of whether financial statement audit requirements should be expanded to include certain agencies that are not required to have annual financial statement audits under the Chief Financial Officers Act or other laws.\n4. Extensible Markup Language.  A review of federal activities and plans for implementing the Extensible Markup Language.\n5. Enterprise Architectures.  A review of enterprise architectures across the Federal Government.\n6. Fraudulent Tax Schemes.  A review of the IRS's efforts to ensure that fraudulent tax schemes are identified and properly dealt with and that taxpayers fulfill their tax obligations.  While most of the work is being conducted at IRS, GAO was asked to look into how IRS coordinates its efforts to combat tax schemes with other relevant federal enforcement agencies such as the SEC, DOJ, and FTC.\n7. Catastrophe Risk.  A study of the potential for alternative financial market mechanisms to address catastrophe risks.\n8. Earnings Restatements.  A study centered on the quality of financial reporting in the U.S. and financial restatements between 1997 and 2000.\n9. 401K's/Enron.  A study to describe situations in which employees suffered substantial retirement fund losses because of declines in value of company stock and any actions taken by the Department of Labor and SEC and to outline the number of U.S. retirement plans invested in company stock.\n10. Security of Federal Buildings.  A review to determine the roles, responsibilities, and funding of each department/agency in the security of federal facilities (office buildings and postal facilities).\n11. SEC Disgorgement.  A review of actions taken by SEC in response to recommendations made in GAO's 1994 report, Securities Enforcement:  Improvements Needed in SEC Controls Over Disgorgement Cases.\n12. Financial Markets Response to September 11 & Market Outages.  A study of the September 11 attacks on the functioning of the U.S. financial markets.\n13. Self-Funding.  A study of the consequences of converting the SEC to a self-funded financial regulator.\n14. Privacy Act.  A review of agency's compliance with the Privacy Act of 1974.\nSite Map\nAccessibility\nContracts\nPrivacy\nInspector General\nAgency Financial Report\nBudget & Performance\nCareers\nContact\nFOIA\nNo FEAR Act & EEO Data\nWhistleblower Protection\nOpen Government\nPlain Writing\nLinks\nInvestor.gov\nUSA.gov\nU.S. Securities and Exchange Commission\nABOUT\nDIVISIONS\nENFORCEMENT\nREGULATION\nEDUCATION\nFILINGS\nNEWSROOM\nInspector General\nAbout OIG\nOffice of Audits\nOffice of Investigations\nSemiannual Reports\nTestimony\nOther Publications\nReferences Links\nRelevant FOIA Documents\nContact Us"